mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 

Pull lockdown update from James Morris:
 "An update for the security subsystem to allow unprivileged users
  to see the status of the lockdown feature. From Jeremy Cline"

Also an added comment to describe CAP_SETFCAP.

* 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  capabilities: add description for CAP_SETFCAP
  lockdown: Allow unprivileged users to see lockdown status
This commit is contained in:
Linus Torvalds 2020-06-02 17:36:24 -07:00
parent f41030a20b 56f2e3b7d8
commit d9afbb3509
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/uapi/linux/capability.h
View File

@ -332,6 +332,8 @@ struct vfs_ns_cap_data {
#define CAP_AUDIT_CONTROL 30
/* Set or remove capabilities on files */
#define CAP_SETFCAP 31
/* Override MAC access.

2
security/lockdown/lockdown.c
View File

@ -150,7 +150,7 @@ static int __init lockdown_secfs_init(void)
{
struct dentry *dentry;
dentry = securityfs_create_file("lockdown", 0600, NULL, NULL,
dentry = securityfs_create_file("lockdown", 0644, NULL, NULL,
&lockdown_ops);
return PTR_ERR_OR_ZERO(dentry);
}